SITUATION

A Fortune 500 Insurance company with more than 11,000 employees was seeking someone to help support their existing Security Operations Center (SOC) staff. They needed assistance in managing the security evaluation and mitigation of vulnerabilities on desktop endpoints, identifying trends and threats to the infrastructure, analyzing and validating event data collected by security tools, responding to security alerts, managing identified security tools, and coordinating incident detection and response activities related to identified security events.

APPROACH

The vSOC team was entrusted with managing all security incidents within American Family’s environment, extending to three co-ops, a task they completed with excellence and exceeding client expectations. The vSOC’s comprehensive approach included handling (security information and event management (SIEM) alerts, phishing, ServiceNow incidents, and email box monitoring and providing expert consultation on SIEM tuning and XSOAR automation. They further contributed to creating Standard Operating Procedures (SOPs) and metric reports, vital tools in assessing and enhancing the security posture. The project’s success demonstrated the vSOC team’s capacity to deliver a multifaceted security solution that went above and beyond the specified requirements.​

RESULTS

• Handled SIEM Alerts: Efficiently managed and responded to SIEM alerts.​
• Phishing Response: Actively addressed and neutralized phishing threats.​
• ServiceNow Incident Management: Managed and resolved incidents within the ServiceNow platform.​
• Email Box Monitoring: Conducted vigilant monitoring of email boxes to detect and respond to security threats.​
• Consulting on SIEM Tuning: Provided expert consultation and guidance on tuning SIEM systems for optimal performance.​
• XSOAR Automation Implementation: Assisted in the automation process using XSOAR, enhancing efficiency and response times.​
• SOP Creations: Contributed to the creation of SOPs to streamline and standardize processes.